--- /dev/null
+<!DOCTYPE html>
+
+<html lang="en">
+<head>
+ <meta charset="utf-8" />
+ <title><!--~$title show {~-->Files<!--~}~--></title>
+ <link rel="stylesheet" href="style.css" type="text/css">
+</head>
+
+<body>
+<!--~$body show {~-->
+
+ <!--~form {~-->
+ <h2><!--~id unset {~-->Add a new file<!--~}~--><!--~id {~-->Edit file "~description html~"<!--~}~--></h2>
+
+ <form action="admin_files" method="post" enctype="multipart/form-data"><!--~id {~--><div style="display: none"><input type="hidden" name="edit_id" value="~id attr~"></div><!--~}~--><input type="hidden" name="MAX_FILE_SIZE" value="~upload_max_filesize~">
+
+ <div class="caption">Filename</div>
+ <div class="field"><input type="file" name="filename"><input type="hidden" name="old_filename" value="~filename attr~"></div>
+
+ <div class="caption">Description</div>
+ <div class="field"><input type="text" name="description" value="~description attr~"></div>
+
+ <div class="caption"> </div>
+ <div class="field"><input type="submit" name="save" value="Save"></div>
+
+ </form>
+
+ <div class="caption"> </div>
+ <div class="field"><a href="admin_files~id {~?id=~id~~}~">Cancel</a></div>
+ <!--~}~-->
+
+ <!--~listings once {~-->
+ <h2>Files Listing</h2>
+
+ <!--~listings once_if {~-->
+ <p><a href="admin_files?new=1">[Add a new file]</a></p>
+
+ <table cellspacing="0" cellpadding="4" border="1" summary="">
+ <tr><th>Filename</th><th>Description</th><th> </th></tr><!--~listings {~-->
+ <tr>
+ <td class="listing"><a href="admin_files?edit_id=~id~">~filename html~<!--~filename empty {~--><em>(blank)</em><!--~}~--></a></td>
+ <td class="listing"><a href="admin_files?edit_id=~id~">~description html~<!--~description empty {~--><em>(blank)</em><!--~}~--></a></td>
+ <td><a href="admin_files?admin_files_delete_id=~id~" onclick="return confirm('Permanently delete?')">[delete this file]</a></td>
+ </tr><!--~}~-->
+
+ </table>
+ <!--~}~-->
+ <!--~listings once_else {~-->
+ <p>No files in database.</p>
+ <!--~}~-->
+
+ <p><a href="admin_files?new=1">[Add a new file]</a></p>
+ <!--~}~-->
+
+<!--~}~-->
+</body>
+</html>
--- /dev/null
+<?php
+
+# This form requires wfpl. See: http://jasonwoof.org/wfpl
+
+# This form was initially auto-generated. If you would like to alter the
+# parameters and generate a new one try this URL:
+#
+# http://metaform.l/?file_name=admin_files&table_name=files&singular=file&plural=files&opt_email=No&opt_db=Yes&opt_listing=Yes&opt_display=No&opt_pass=Yes&opt_public_form=No&opt_public_display=No&fields=filename+file%0D%0Adescription+textbox&edit=yes
+
+
+# SETUP
+
+# To save results to a database, you'll need to create the files table
+# (the file admin_files.sql should help with this), and create the file
+# 'code/db_connect.php' which calls db_connect() see:
+# code/wfpl/examples/db_connect.php
+#
+# if you rename any of the database fields, you'll need to update this:
+
+define('ADMIN_FILES_DB_FIELDS', 'filename,description');
+
+# Set this to the path to your uploads directory. It can be relative to the
+# location of this script. IT MUST END WITH A SLASH
+$GLOBALS['upload_directory'] = 'uploads/';
+
+$GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt'; # comment this out to use uploader's filename
+
+
+require_once('code/wfpl/format.php');
+require_once('code/wfpl/email.php');
+require_once('code/wfpl/upload.php');
+
+function admin_files_get_fields() {
+ $data = array();
+
+ $data['description'] = format_oneline(_REQUEST_cut('description'));
+
+ $filename_filename_tmp = $GLOBALS['filename_file_name'];
+ if(!$filename_filename_tmp) {
+ $filename_filename_tmp = format_filename(_REQUEST_cut('filename'));
+ }
+ if($_FILES['filename'] && $_FILES['filename']['error'] == 0) {
+ $data['filename'] = save_uploaded_file('filename', $GLOBALS['upload_directory'] . $filename_filename_tmp);
+ } else {
+ if(_REQUEST_cut('delete_filename') == 'Yes') {
+ $data['filename'] = '';
+ } else {
+ $data['filename'] = format_path(_REQUEST_cut('old_filename'));
+ }
+ }
+ unset($_FILES['filename']);
+
+ return $data;
+}
+
+
+function admin_files_main() {
+ if(logged_in_as_admin()) {
+ tem_set('admin_privs');
+ } else {
+ $_REQUEST['url'] = this_url();
+ return 'admin_login';
+ }
+
+ $id = _REQUEST_cut('edit_id');
+ if($id) {
+ return admin_files_main_form($id);
+ }
+
+ $id = _REQUEST_cut('admin_files_delete_id');
+ if($id) {
+ return admin_files_main_delete($id);
+ }
+
+ if(_REQUEST_cut('new')) {
+ return admin_files_main_form();
+ }
+
+ if(_REQUEST_cut('list')) {
+ return admin_files_main_listing();
+ }
+
+ if(isset($_POST['description'])) {
+ return admin_files_main_form();
+ }
+
+ # default action:
+ return admin_files_main_listing();
+}
+
+function admin_files_main_delete($id) {
+ db_delete('files', 'where id=%i', $id);
+ message('File deleted.');
+ return './admin_files';
+}
+
+function admin_files_main_listing() {
+ $listing_rows = db_get_assocs('files', 'id,filename,description', 'order by description limit 100');
+ tem_set('listings', $listing_rows);
+}
+
+function admin_files_main_form($id = false) {
+ if($id) {
+ tem_set('id', $id);
+ }
+
+ if(isset($_POST['description'])) {
+ $data = admin_files_get_fields();
+
+ if("you're happy with the POSTed values") {
+ if($id) {
+ db_update_assoc('files', $data, 'where id=%i', $id);
+ message('File updated.');
+ } else {
+ db_insert_assoc('files', $data);
+ message('File saved.');
+ }
+ if($error !== true) {
+ return './admin_files';
+ }
+ }
+ # otherwise, we display the form again. admin_files_get_fields() has
+ # already put the posted values back into the template engine, so they will
+ # show up in the form fields. You should add some message asking people to
+ # fix their entry in whatever way you require.
+ } elseif($id) {
+ # we've recieved an edit id, but no data. So we grab the values to be edited from the database
+ $data = db_get_assoc('files', ADMIN_FILES_DB_FIELDS, 'where id=%i', $id);
+ } else {
+ # form not submitted, you can set default values like so:
+ #$data = array('description' => 'Yes');
+ $data = array();
+ }
+
+ tem_set('upload_max_filesize', upload_max_filesize());
+
+ tem_set('form', $data);
+}